Security of SQLite databases

Your SQLite® database can have one of the following levels of security:

No encryption: A plaintext file that is accessible from any app on the smartphone.

Encryption: An encrypted file that is accessible from any app on the smartphone.

Encryption and protection: An encrypted file that is accessible only from apps on the smartphone that are signed with the same code signing key.

Content protection in addition to encryption and protection: An encrypted and protected file that uses content protection to encrypt the SQLite® master key and provide extra protection when the smartphone is locked.

Applications with sensitive information should use encrypted and protected databases to prevent other applications from using the attach method to access them.

There is no way to restrict access to a plaintext database because it can be read with file I/O operations.

The following sections describe each of the levels of security.

Encryption

Encryption helps prevent someone from copying files from a smartphone and reading them. The algorithm used to implement SQLite encryption is AES 256.

To transfer an encrypted database to another smartphone, you must first decrypt it.

An app can open or create an encrypted database only when the smartphone is unlocked. If a database is open when a smartphone is locked, the database continues to be readable and writable.

Encryption does not prevent other applications on the smartphone from accessing your database. To restrict access, you must protect your database by signing it with a code signing key.

The following code sample creates a database that is encrypted but not signed. It creates a DatabaseSecurityOptions object called dbso that passes true as the single parameter value.

Encryption and protection

If you want to restrict a database so that it can be accessed only by the app that it is a part of, you must sign the database with a code signing key. To restrict access to one app, you should use a unique key that you generate using the BlackBerry® Signing Authority Tool. This signing is separate from the code signing you do for controlled APIs.

You can also use the code signing key to share access to the database with other specific apps. When multiple apps are signed with the same key, they all have access to the database.

The following code sample encrypts and protects an existing database. First, the code sample retrieves the code signing key from a file called XYZ. Next, it encrypts and signs the database. If the database is already encrypted, the encrypt method exits gracefully.
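The sketch below is an added example, not the original sample from this page. It covers both the encrypted-only creation described under Encryption and the encrypt-and-protect step described above. The module name MyApp, the database path and the class name are assumptions; XYZ is the key name used on this page.

```java
import net.rim.device.api.database.Database;
import net.rim.device.api.database.DatabaseException;
import net.rim.device.api.database.DatabaseFactory;
import net.rim.device.api.database.DatabaseSecurityOptions;
import net.rim.device.api.io.MalformedURIException;
import net.rim.device.api.io.URI;
import net.rim.device.api.system.CodeModuleManager;
import net.rim.device.api.system.CodeSigningKey;

// Added example. "MyApp" and DB_PATH are assumed names, not values from the page.
public final class SecureDatabaseSetup
{
    private static final String DB_PATH =
        "file:///SDCard/Databases/MyApp/MyEncryptedDatabase.db";

    // "Encryption" level: the file is encrypted, but any app on the
    // smartphone can still open it because no signing key is attached.
    public static void createEncrypted()
        throws DatabaseException, MalformedURIException
    {
        URI uri = URI.create(DB_PATH);
        DatabaseSecurityOptions dbso = new DatabaseSecurityOptions(true);
        Database db = DatabaseFactory.create(uri, dbso);
        db.close(); // keep the connection open no longer than needed
    }

    // "Encryption and protection" level: encrypt an existing database and
    // bind it to the key named XYZ, so only apps signed with that key can
    // open it. Returns false, leaving the database untouched, if the key
    // cannot be found.
    public static boolean encryptAndProtect()
        throws DatabaseException, MalformedURIException
    {
        int moduleHandle = CodeModuleManager.getModuleHandle("MyApp");
        CodeSigningKey key = CodeSigningKey.get(moduleHandle, "XYZ");
        if (key == null)
        {
            return false; // never fall back to an unsigned database
        }
        URI uri = URI.create(DB_PATH);
        DatabaseSecurityOptions dbso = new DatabaseSecurityOptions(key);
        DatabaseFactory.encrypt(uri, dbso); // exits gracefully if already encrypted
        return true;
    }
}
```

Both methods must run while the smartphone is unlocked, because an encrypted database can be opened or created only in that state.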

Content protection in addition to encryption and protection

Content protection encrypts encryption keys so that they are inaccessible when the smartphone is locked.

Even when a database file is encrypted, the maximum protection level is achieved when content protection is turned on. With content protection, an application can open or create an encrypted database only when the smartphone is unlocked.

An encrypted database should be closed as soon as possible. An open database connection might be susceptible to cold boot attacks.